Hi. I need help! I hope this is where I post this...
Earlier today my computer was acting funny, I kept getting messages that my computer was infected with a virus and had the Live Security Platinum popup, saying I need to purchase it so it will remove the virus. I DID NOT purchase but I wasn't able to uninstall or close it down, it was blocking me from opening up any programs. I shut the pc down and restarted, right away, I opened my malware program and did a scan. It found the Live security, and I was able to quarantine and delete it. It seemed to be gone, but when I open a window, using Firefox, another tab will open up on its own to some other site, and it is a different site sometimes. I tried to check my email and can't even open an email! I also tried to enable my firewall, but it won't let me.

My name is M-K-D-B and I'll help you with the cleanup of your computer.

Please be aware of the following:

Please complete all steps in the specified order.

Even if tools don't find malware, I want you to post the logfiles anyway.

Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.

Read the instructions carefully. If you have problems, stop what you were doing and describe the problems you encountered as precisely as you can.

Don't install or uninstall software during the cleanup unless you are told to do so.

If you can't answer for the next few days, please let me know. If you haven't answered within 3 days, I am assuming that you don't need help anymore and your topic will be closed.

I can not guarantee that we will find and be able to remove all malware. Formatting is usually faster and always the safest way.

If you decide to clean your PC, work with us until a team member tells you that you are clean.

As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.

Backdoor Warning!

One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

If you decide to clean your machine, please follow the instructions below.

Step 1

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Thank you for taking the time to help. I was thinking about just wiping my computer..again. But I have too much stuff on here to save and all that. I will go ahead and try to clean it out this way =)

I have been trying to get the ComboFix to work but it won't..I disabled my antivirus program and did the update on the ComboFix, but it opens to this small window, the background is black and the text is the bright green..then it stops and does..nothing else.

I also, on accident, uninstalled FB Messenger, I know I read somewhere I am not supposed to uninstall anything. Sorry, hope that doesn't mess anything up.

Your computer will be rebooted automatically. A text file will open after the restart.

Please post the content of that logfile with your next answer.

You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 2

Now reboot into Safe Mode with networking.

This can be done tapping the F8 key as soon as you start your computer.

You will be brought to a menu where you can choose to boot into safe mode.

Make sure you choose the option with networking support.

Please see here for additional details.

Now delete the ComboFix.exe from your desktop!

Step 3

Download a new version of ComboFix from here and save it to your desktop!

Press the "windows key" + "R"

Copy/paste the following text into the run box & click OK

"%userprofile%\desktop\combofix.exe" /killall

When finished, it shall produce a log for you. Post that log in your next reply.

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

I am getting this pop-up that says I am not running Genuine Windows. And I am not able to do any Windows Updates. I am no longer getting the redirects(YAY). Thanks for the help!! And I hope I posted the Gamer log right =)

Step 1

You have installed some Adware and PUP (potentially unwanted programs) on your computer. I highly recommend you to uninstall them.

Click "start" on the taskbar and then click on the "Control Panel" icon.

Please doubleclick the "Add or Remove Programs" icon.

A list of programs installed will be "populated"; this may take a bit of time.

If they exist, uninstall the following by clicking on the following entries and selecting "remove":

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
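
The following is an added example, not part of the original thread or of the tool that produced the log: a small triage parser that reads a service-check log in the layout shown above and separates the attention-level finding (the missing BITS start type) from the checks that passed. The function names and the line patterns are assumptions inferred only from the six log lines posted here.

```python
import re

# Log excerpt copied from the post above (section header, underline, findings).
SAMPLE_LOG = """\
Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
"""

# Patterns are assumptions based on the excerpt, not a documented log format.
ATTENTION = re.compile(r"ATTENTION!=+>\s*(?P<detail>.+)")
NOT_RUNNING = re.compile(r"^(?P<service>\S+) Service is not running")
CHECK_OK = re.compile(r"^The (?P<item>\w+) of (?P<service>\S+) service is OK\.")


def triage(log_text):
    """Return (section, severity, message) tuples, one per finding line."""
    findings, section = [], None
    lines = log_text.splitlines()
    for i, line in enumerate(lines):
        line = line.strip()
        if not line or set(line) == {"="}:
            continue
        # A section header ends in ':' and is underlined with '=' on the next line.
        nxt = lines[i + 1].strip() if i + 1 < len(lines) else ""
        if line.endswith(":") and nxt and set(nxt) == {"="}:
            section = line.rstrip(":")
            continue
        m = ATTENTION.search(line)
        if m:
            findings.append((section, "attention", m.group("detail")))
        elif (m := NOT_RUNNING.match(line)):
            findings.append((section, "stopped", m.group("service")))
        elif (m := CHECK_OK.match(line)):
            findings.append((section, "ok", f"{m.group('service')} {m.group('item')}"))
        else:
            findings.append((section, "unparsed", line))
    return findings


def needs_repair(findings):
    """Sections that contain at least one attention-level finding."""
    return sorted({sec for sec, sev, _ in findings if sev == "attention"})
```

Lines that match none of the patterns are kept as "unparsed" rather than dropped, so an unfamiliar entry in a longer log still reaches the reviewer.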